Total
41574 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-69053 | 2026-01-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through <= 3.8.4. | |||||
| CVE-2025-69051 | 2026-01-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Reflected XSS.This issue affects ListingPro Reviews: from n/a through <= 1.7. | |||||
| CVE-2025-69048 | 2026-01-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through <= 3.8.4. | |||||
| CVE-2025-68906 | 2026-01-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS.This issue affects JNews - Video: from n/a through <= 11.0.2. | |||||
| CVE-2025-68904 | 2026-01-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jegtheme JNews - Frontend Submit jnews-frontend-submit allows Reflected XSS.This issue affects JNews - Frontend Submit: from n/a through <= 11.0.0. | |||||
| CVE-2025-67923 | 2026-01-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Reflected XSS.This issue affects JetEngine: from n/a through <= 3.7.7. | |||||
| CVE-2025-47705 | 1 Iframe Remove Filter Project | 1 Iframe Remove Filter | 2026-01-28 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal IFrame Remove Filter allows Cross-Site Scripting (XSS).This issue affects IFrame Remove Filter: from 2.0.0 before 2.0.5, from 7.X-1.0 through 7.X-1.5, from 1.0 through 1.2. | |||||
| CVE-2026-24433 | 1 Tenda | 2 W30e, W30e Firmware | 2026-01-28 | N/A | 5.4 MEDIUM |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) contain a stored cross-site scripting vulnerability in the user creation functionality. Insufficient input validation allows attacker-controlled script content to be stored and later executed when administrative users access the affected management pages. | |||||
| CVE-2024-47369 | 1 Wpwebinfotech | 1 Social Auto Poster | 2026-01-28 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPWeb Social Auto Poster allows Reflected XSS.This issue affects Social Auto Poster: from n/a through 5.3.15. | |||||
| CVE-2024-39652 | 1 Wpwebelite | 1 Woocommerce Pdf Vouchers | 2026-01-28 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPWeb Elite WooCommerce PDF Vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.5. | |||||
| CVE-2025-68041 | 2026-01-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codisto Omnichannel for WooCommerce codistoconnect allows Stored XSS.This issue affects Omnichannel for WooCommerce: from n/a through <= 1.3.65. | |||||
| CVE-2024-29927 | 1 Hasthemes | 1 Wishsuite | 2026-01-28 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasTheme WishSuite allows Stored XSS.This issue affects WishSuite: from n/a through 1.3.7. | |||||
| CVE-2024-29926 | 1 Hasthemes | 1 Wc Builder | 2026-01-28 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WC Builder allows Stored XSS.This issue affects WC Builder: from n/a through 1.0.18. | |||||
| CVE-2024-29094 | 1 Hasthemes | 1 Ht Easy Ga4 \(google Analytics 4\) | 2026-01-28 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Easy GA4 ( Google Analytics 4 ) allows Stored XSS.This issue affects HT Easy GA4 ( Google Analytics 4 ): from n/a through 1.1.7. | |||||
| CVE-2024-29102 | 1 Hasthemes | 1 Extensions For Cf7 | 2026-01-28 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Extensions For CF7 allows Stored XSS.This issue affects Extensions For CF7: from n/a through 3.0.6. | |||||
| CVE-2024-29142 | 1 Webberzone | 1 Better Search | 2026-01-28 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebberZone Better Search – Relevant search results for WordPress allows Stored XSS.This issue affects Better Search – Relevant search results for WordPress: from n/a through 3.3.0. | |||||
| CVE-2025-31883 | 1 Webinarpress | 1 Webinarpress | 2026-01-28 | N/A | 5.9 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWebinarSystem WebinarPress allows Stored XSS. This issue affects WebinarPress: from n/a through 1.33.27. | |||||
| CVE-2024-56265 | 1 Wpwebelite | 1 Woocommerce Pdf Vouchers | 2026-01-28 | N/A | 7.1 HIGH |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPWeb WooCommerce PDF Vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.9. | |||||
| CVE-2025-69003 | 2026-01-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QantumThemes KenthaRadio qt-kentharadio allows Reflected XSS.This issue affects KenthaRadio: from n/a through <= 2.2.0. | |||||
| CVE-2025-67943 | 2026-01-28 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through <= 3.6.32. | |||||